From 7a35b711df127664e7430b2644ae92c75f3d5f67 Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin"
Date: Sun, 6 Aug 2017 13:27:07 +0000
Subject: [PATCH] Fix handling of unexpected tracees when PTRACE_SEIZE is not in use
* strace.c (maybe_allocate_tcb) : The expected ptrace stop signal in case of !use seize is not syscall_trap_sig but SIGSTOP. An idea of using PTRACE_GETSIGINFO to distinguish signal stops that should be re-injected from other kinds of stops didn't work out due to kernel implementation peculiarities of initial ptrace-stop.
---
 strace.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/strace.c b/strace.c
index 5a2adf02..9217efe4 100644
--- a/strace.c
+++ b/strace.c
@@ -2095,10 +2095,15 @@ maybe_allocate_tcb(const int pid, int status)
 * This can happen if a clone call misused CLONE_PTRACE itself.
 */
 unsigned int sig = WSTOPSIG(status);
- unsigned int event = (unsigned int) status >> 16;
- if (event == PTRACE_EVENT_STOP || sig == syscall_trap_sig)
- sig = 0;
+ if (use_seize) {
+ unsigned int event = (unsigned int) status >> 16;
+ if (event == PTRACE_EVENT_STOP)
+ sig = 0;
+ } else {
+ if (sig == SIGSTOP)
+ sig = 0;
+ }
 ptrace(PTRACE_DETACH, pid, NULL, (unsigned long) sig);
 error_msg("Detached unknown pid %d%s%s", pid,
--
2.40.0
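Review bot: The new `else` branch discards every SIGSTOP before `PTRACE_DETACH`, but the reason and its limitation are recorded only in the commit message, not next to the check. Without PTRACE_SEIZE, the initial ptrace-stop and a SIGSTOP genuinely sent by another process appear identical at this point, so a real stop request seen here is not re-injected and the detached process resumes. I would state that above `if (sig == SIGSTOP)`, e.g. `/* Without PTRACE_SEIZE the initial ptrace-stop is reported as SIGSTOP and cannot be told apart from a real SIGSTOP (PTRACE_GETSIGINFO does not help), so it is dropped rather than re-injected. */`. Separately, the `ptrace(PTRACE_DETACH, ...)` context line prints "Detached unknown pid" without checking the call's result, as far as the visible lines show. The body of maybe_allocate_tcb starts and ends outside the hunk.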